<? /* license

BilugCMS (http://www.bilug.it) - Content Management System for dynamic web sites
Copyright (C) 2005-2008  Federico Villa and Alessio Loro Piana

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 2 of the License.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.

For reference, contact bilugcms@vilnet.it


license */ ?>

<?
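/**
 * Print the article count followed by the pager links (first / previous / next / last).
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): the generated links carry only "categoria" and "ind". The listing
 * script that calls this function also reads $_GET['idut']; confirm whether
 * index.php supplies that value some other way when a pager link is followed.
 *
 * @param string     $cat Category filter. Request-derived at the call sites in this
 *                        file, so it is URL-encoded before being written into an href.
 * @param int|string $max Total number of matching articles.
 * @param int|string $pos Offset of the first article shown on the current page.
 * @param int|string $pag Number of articles per page.
 */
function Nav($cat,$max,$pos,$pag)
{
	// The numeric arguments reach this function as raw request / database strings.
	// Forcing integers keeps the arithmetic well defined and guarantees that only
	// digits are ever written into the "ind" parameter.
	$max = (int) $max;
	$pos = max(0, (int) $pos);
	$pag = (int) $pag;

	// urlencode() leaves only characters that are inert inside a double-quoted
	// HTML attribute, so a crafted category cannot close the href and inject markup.
	$cat_url = urlencode(is_scalar($cat) ? (string) $cat : '');

	if ($max != 0) {
		echo "Numero Articoli: $max";
	} else {
		echo "Nessun Articolo presente";
	}

	echo "<br />";

	if ($pos > 0)
	{
		// Never link to a negative offset when the current offset is smaller than a page.
		$prev = max(0, $pos - $pag);
		echo "<a href=\"index.php?pag=ecommerce_ris.php&categoria=$cat_url&ind=0\">(<img src=\"../img/iniz.png\" id=\"navig\" />)Prime</a> ";
		echo "<a href=\"index.php?pag=ecommerce_ris.php&categoria=$cat_url&ind=".$prev."\">(<img src=\"../img/sx.png\" id=\"navig\" />)Precedenti&nbsp;*</a> ";
	}
	if ($max > $pos + $pag)
	{
		echo "<a href=\"index.php?pag=ecommerce_ris.php&categoria=$cat_url&ind=".($pos+$pag)."\">Successivi(<img src=\"../img/dx.png\" id=\"navig\" />)</a>";
		echo "<a href=\"index.php?pag=ecommerce_ris.php&categoria=$cat_url&ind=".($max-$pag)."\">Ultime(<img src=\"../img/fine.png\" id=\"navig\" />)</a>";
	}
}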

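// ---------------------------------------------------------------------------
// Request parameters. Every value below is attacker-controlled: each one is
// escaped (or cast to int) at the point where it is placed into SQL.
// ---------------------------------------------------------------------------
// NOTE(review): idut (user id for the reserved shop) arrives in the query string
// and nothing in this script ties it to the logged-in account, so a different
// value lists another user's reserved articles unless index.php checks it - confirm.
$idut  = (isset($_GET['idut']) && is_string($_GET['idut'])) ? $_GET['idut'] : '';
$cat   = (isset($_GET['categoria']) && is_string($_GET['categoria'])) ? $_GET['categoria'] : '';
$prod  = (isset($_GET['prod']) && is_string($_GET['prod'])) ? $_GET['prod'] : '';
$ind   = (isset($_GET['ind']) && is_string($_GET['ind'])) ? $_GET['ind'] : '';
$cerca = (isset($_POST['cerca']) && is_string($_POST['cerca'])) ? $_POST['cerca'] : '';
$riservato_req = (isset($_GET['ris']) && is_string($_GET['ris'])) ? $_GET['ris'] : '';

// Mark the session as "reserved" when the request asks for it.
// NOTE(review): this flag is switched on by a plain GET parameter, so any visitor
// can set it. If other pages treat it as proof of access, derive it from the
// authenticated login instead.
if ($riservato_req === 'si')
	$_SESSION['riservato'] = 'si';


// Number of articles shown on each page
$page = 1000;

// Load the comma-separated list of article ids assigned to this user and turn
// it into a quoted SQL IN(...) list.
// The list is built from the database row only. It was previously seeded from
// $_GET["in"], which let the request prepend arbitrary text to the IN(...) clause.
$idut_sql = mysql_real_escape_string($idut);
$query2 = "SELECT articoli, nome FROM ecommerceris WHERE ID = '$idut_sql'";
$result = mysql_query($query2);
$eris = $result ? mysql_fetch_row($result) : false;

$id_list = array();
if ($eris) {
	foreach (explode(",", $eris[0]) as $oggexplode) {
		if ($oggexplode) {
			// Stored values are escaped too, so a malformed "articoli" field cannot break the query.
			$id_list[] = "'" . mysql_real_escape_string($oggexplode) . "'";
		}
	}
}
// An empty IN () is a syntax error; IN (NULL) is valid and matches no row.
$in = $id_list ? implode(",", $id_list) : "NULL";


// Offset of the first article to show; the cast keeps LIMIT strictly numeric.
if ($ind == "")
{
	$pos = 0;
}
else
{
	$pos = max(0, (int) $ind);
}

$ric_cat = "";
$ric_prod = "";

if ($cerca == "") {
	// Listing mode: restrict to the user's articles, optionally by category and producer.
	// An empty category means "all categories".
	if ($cat != "")
	{
		$ric_cat = " AND categoria = '" . mysql_real_escape_string($cat) . "' ";
	}

	if ($prod)
	{
		$ric_prod = " AND produttore = '" . mysql_real_escape_string($prod) . "' ";
	}

	$query = "SELECT id, titolo, prezzo, foto, spedizione, quantita, prezzo_intero, colore, taglia, riservato FROM ecommerce WHERE 1 $ric_cat $ric_prod AND id IN ($in) ORDER BY titolo LIMIT $pos,$page";

	// Total number of matching articles, for the pager
	$query1 = "SELECT count(*) FROM ecommerce WHERE 1 $ric_cat $ric_prod AND id IN ($in)";
}
else
{
	// Search mode.
	$parola = (isset($_POST["parola"]) && is_string($_POST["parola"])) ? $_POST["parola"] : '';
	$inizio = substr($parola, 0, 1);

	// Legacy deny-list, kept so rejected terms still redirect as before. It is not
	// what protects the queries: the escaping below is.
	$vietate = array('http://', 'ftp://', 'https://', '<script>', '<object>', '<applet>', '<embed>', '<%');
	$ammessa = ($parola != "" AND $inizio != "/" AND $inizio != "<");
	foreach ($vietate as $v) {
		if (stripos($parola, $v) !== false) {
			$ammessa = false;
		}
	}

	if ($ammessa)
	{
		$parola_sql = mysql_real_escape_string($parola);

		// NOTE(review): unlike listing mode, the search is not limited to "id IN ($in)",
		// so it can return articles that are not assigned to this user - confirm that
		// this is intended for the reserved shop.
		// NOTE(review): the count query also matches produttore/colore/taglia while the
		// list query does not, so the reported total can exceed the rows shown.
		$query = "SELECT id, titolo, prezzo, foto, spedizione, quantita, prezzo_intero, colore, taglia, riservato FROM ecommerce WHERE (categoria LIKE '%$parola_sql%' OR titolo LIKE '%$parola_sql%' OR prezzo LIKE '%$parola_sql%' OR prezzo_intero LIKE '%$parola_sql%' OR descrizione LIKE '%$parola_sql%' OR codice LIKE '%$parola_sql%')";

		// Total number of matching articles. The previous text had a stray comma before
		// the last OR (a SQL syntax error) and interpolated an undefined $taglia.
		$query1 = "SELECT count(*) FROM ecommerce WHERE (categoria LIKE '%$parola_sql%' OR titolo LIKE '%$parola_sql%' OR prezzo LIKE '%$parola_sql%' OR prezzo_intero LIKE '%$parola_sql%' OR descrizione LIKE '%$parola_sql%' OR produttore LIKE '%$parola_sql%' OR codice LIKE '%$parola_sql%' OR colore LIKE '%$parola_sql%' OR taglia LIKE '%$parola_sql%')";
	}
	else
	{
		header("Refresh: 0; url=../html/index.php");
		exit;
	}
}

// $ris is the article result set consumed by the rendering loop further down;
// $max[0] is the total used by Nav().
$ris = mysql_query($query);
$ris1 = mysql_query($query1);
// Fall back to a zero count when the count query fails, so $max[0] is always defined.
$max = $ris1 ? mysql_fetch_row($ris1) : array(0);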

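// Page header, producer drop-down, cart link and the top pager.
echo "<h1>E-commerce</h1>";
echo "<div class=\"contenitore\">";

// $cat and $idut come straight from the query string; work on plain strings here.
$cat_str  = is_scalar($cat) ? (string) $cat : '';
$idut_str = is_scalar($idut) ? (string) $idut : '';

// Base URL the drop-down navigates to. SCRIPT_NAME is used instead of PHP_SELF
// because PHP_SELF also reflects any extra path text appended to the URL.
// Query-string values are URL-encoded so they cannot leave their parameter.
$link_prod = $_SERVER['SCRIPT_NAME'] . "?pag=ecommerce_ris.php&idut=" . urlencode($idut_str);
if ($cat_str != "")
	$link_prod .= "&categoria=" . urlencode($cat_str);

// The link is placed inside a single-quoted JavaScript string that itself sits in a
// double-quoted HTML attribute: escape for JavaScript first, then for HTML.
$link_prod_attr = htmlspecialchars(addslashes($link_prod), ENT_QUOTES);

echo "	
		<div id=\"sel_produttore\">Produttore: 
			<select name=\"prod\" onchange=\"if(this.value!='-')window.location='$link_prod_attr&amp;prod='+encodeURIComponent(this.value)\">
			<option value=\"\">TUTTI</option>			
			<option value=\"-\">-----------------------------------------</option>";
			// List the producers, limited to the selected category when there is one.
			if ($cat_str == "")
				$sqlprod = "SELECT produttore, riservato FROM ecommerce GROUP BY produttore ORDER BY produttore ASC";
			else
				$sqlprod = "SELECT produttore, riservato FROM ecommerce WHERE categoria = '" . mysql_real_escape_string($cat_str) . "' GROUP BY produttore ORDER BY produttore ASC";
			$rssqlprod = mysql_query( $sqlprod );
			// Skip the loop when the query failed instead of fetching from a non-result.
			while( $rssqlprod && ( $row = mysql_fetch_array( $rssqlprod ) ) ) {
				// Producer names are stored data: escape them before writing them into markup.
				// NOTE(review): pass the site's charset as third argument if it is not PHP's default.
				$prod_html = htmlspecialchars((string) $row[0], ENT_QUOTES);
				if ( $row[0] == $prod )
					echo "<option value=\"$prod_html\" selected=\"selected\">$prod_html</option>";
				else	
					echo "<option value=\"$prod_html\">$prod_html</option>";
			}
echo "		</select>
		</div>

		<div id=\"carrello\">
			<a href=\"index.php?pag=ecommerce_dettaglio_carrello.php\">Riguarda carrello
			 <img src=\"../img/carrello.png\" id=\"ecomico\"></a>
		</div><br />";
Nav($cat, isset($max[0]) ? $max[0] : 0, $pos, $page);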
?>
<br /><br />
<div class="contenitore">
		<div class="float200">
			<center>Foto</center>
		</div>
		<div class="float200">
			<center>Articolo</center>
		</div>
		<div class="float100">
			<center>Prezzo &euro;</center>
		</div>	
		<div class="float100">
			<center>Disponibilit&agrave;</center>
		</div>			
	</div>
	<br />
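<?php
// Flags used for every HTML-escaped value below. ENT_SUBSTITUTE (where the PHP
// version has it) replaces invalid byte sequences instead of returning an empty string.
// NOTE(review): pass the site's charset as third argument to htmlspecialchars()
// if it is not PHP's default.
$esc_flags = ENT_QUOTES;
if (defined('ENT_SUBSTITUTE')) {
	$esc_flags |= ENT_SUBSTITUTE;
}

// One "contenitore" row per article. Column order follows the SELECT that produced
// $ris: 0 id, 1 titolo, 2 prezzo, 3 foto, 4 spedizione, 5 quantita, 6 prezzo_intero,
// 7 colore, 8 taglia, 9 riservato.
// The "$ris &&" guard skips the loop when the query failed.
while($ris && ($art=mysql_fetch_row($ris)))
{
	// Stored article data is escaped for the context it is written into, so markup
	// saved in a title, colour, size or photo field is shown as text, not interpreted.
	$id_url = urlencode((string) $art[0]);

?>

	<div class="contenitore">
		<div class="float200">
			<?php
				if($art[3]=="")
					echo "&nbsp;<a href=\"index.php?pag=ecommerce_dettaglio.php&id=$id_url\"><img src=\"./img/images/standard.jpg\" id=\"ecomsec\"></a>";
				else
				{
					// Keep only the file name: everything after the last "/", minus the
					// final character.
					// NOTE(review): presumably the stored value ends with one extra
					// character - verify against the code that writes "foto".
					$fototrunk = strrpos($art[3],"/");
					$fototrunk = $fototrunk + 1;
					$art[3] = substr($art[3], $fototrunk);
					$art[3] = substr($art[3], 0, strlen($art[3])-1);
					$foto_html = htmlspecialchars((string) $art[3], $esc_flags);
					echo "&nbsp;<a href=\"index.php?pag=ecommerce_dettaglio.php&id=$id_url\"><img src=\"./img/images/$foto_html\" id=\"ecomsec\"></a>";
				}
			?>
		</div>
		<div class="float200">
			<br /><br />
			<?php echo "<a href=\"index.php?pag=ecommerce_dettaglio.php&id=$id_url\">
				    <center>";
				    echo "Nome: " . htmlspecialchars((string) $art[1], $esc_flags) . "<br />";
					// Colour and size are optional columns.
					if ( !empty($art[7]) )
						echo "Colore: " . htmlspecialchars((string) $art[7], $esc_flags) . "<br />";
					if ( !empty($art[8]) )	
						echo "Taglia: " . htmlspecialchars((string) $art[8], $esc_flags);
			echo "</center>
					</a>";
			?>
		</div>
		<div class="float100">
			<br /><br /><center>
			<?php
			// number_format() output contains only digits and separators.
			$prezzo = number_format((float) $art[2], 2, ',', '.');
			
			// Show the full price struck through when it is higher than the current price.
			if ( $art[6] > $art[2] ) {
				echo "<span style=\"text-decoration:line-through; color: red;\">".number_format((float) $art[6], 2, ',', '.')." &euro;<br /></span><br />";			
			}
			
			echo "$prezzo";			
			?>
			 &euro;</center>

		</div>
		<div class="float100">
			<br /><br /><center><?php
			echo htmlspecialchars((string) $art[5], $esc_flags);?></center>
		</div>		
		<div class="azzerafloat"><br /></div>
	</div>	
	<?php
}
// Bottom pager, cart link and closing markup.
echo"<br />";
Nav($cat, isset($max[0]) ? $max[0] : 0, $pos, $page);
echo"	<br />
		<div id=\"carrello\">
			<a href=\"index.php?pag=ecommerce_dettaglio_carrello.php\">Riguarda carrello
			 <img src=\"../img/carrello.png\" id=\"ecomico\"></a>
		</div>";
echo "<div class=\"azzerafloat\"><br /></div></div>";
?>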
